Lumu, a cybersecurity firm specializing in Continuous Compromise Assessment, has integrated its network detection and response (NDR) solution with Gigamon’s Deep Observability Pipeline, a move designed to enhance real-time threat detection, automated response, and proactive defense against cyber threats.
This integration aims to provide organizations with complete visibility across hybrid cloud infrastructure by combining network-derived telemetry with MELT (metrics, events, logs, and traces) data. The collaboration enables cybersecurity teams to more effectively defend against encrypted threats. Global organizations across various industries face challenges including complex infrastructures, security blind spots, and an evolving threat landscape.
Customers currently using the Gigamon Deep Observability Pipeline can now leverage Lumu’s Continuous Compromise Assessment capabilities to analyze network metadata and bolster ransomware defense. The combined solution streamlines visibility into complex systems and optimizes data processing, offering a unified approach to cybersecurity challenges.
Ricardo Villadiego, founder and CEO of Lumu, commented on the integration, stating that security teams face significant challenges due to infrastructure complexity and sophisticated threat actors, leading to data overload and inefficient threat response. He emphasized that the partnership provides centralized decryption, comprehensive visibility, optimized data processing, and real-time compromise assessment, helping organizations address modern cyber threats.
The technical integration involves Gigamon capturing network-derived telemetry, including packets, flows, and application-aware metadata. Gigamon processes this data by reducing complexity through deduplication and flow optimization, and by collecting and decrypting network flows. This information is then fed to Lumu, which applies its Illumination Process™ to analyze the data and detect confirmed compromises in real time. Upon identifying a compromise, Lumu triggers an automated response to block or mitigate the threat and can integrate with existing third-party security solutions for immediate action.
The combined capabilities offer several benefits:
* Ransomware Defense: Gigamon decrypts traffic, enabling Lumu to identify threat actors and detect early indicators of ransomware, such as lateral movement and command-and-control activity.
* Encrypted Traffic Visibility: Gigamon’s decryption of encrypted traffic allows Lumu to uncover hidden threats and provide actionable insights.
* Optimized Security Tool Performance: Gigamon reduces redundant data, contributing to cost efficiency. Lumu focuses on actionable insights for faster detection and reduces storage costs for network logs by offloading them from Security Information and Event Management (SIEM) systems.
* Real-Time Compromise Detection in Hybrid Environments: Gigamon supplies enriched metadata to Lumu for continuous threat detection and monitoring across hybrid and multi-cloud traffic in real time.
Srinivas Chakravarty, vice president of Cloud Ecosystem at Gigamon, highlighted the need for both complete visibility and intelligent analysis to defend against complex threats. He stated that Gigamon provides the necessary network-derived telemetry for deep observability across hybrid cloud infrastructure, while Lumu offers machine-speed threat detection, enriched insights, and real-time response. He concluded that their combined efforts empower enterprises to eliminate blind spots, accelerate threat detection, and improve security outcomes across industries.